Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d480b6d-25fc-4f37-b125-f45ce236f4ea.roa
File: 1d480b6d-25fc-4f37-b125-f45ce236f4ea.roa (raw, json)
Hash identifier: zJBwMSoDO/2wesPujqR0V3HI+KR7pH7g7pQc7TGVRV8=
Subject key identifier: 06:21:E8:51:BE:87:5F:1E:DF:AD:A5:37:EC:A0:4B:33:39:91:F1:B8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 59E85BE6950BAF0D3E930A2B4573743ACA4E8893
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d480b6d-25fc-4f37-b125-f45ce236f4ea.roa
Signing time: Tue 21 Oct 2025 14:31:13 +0000
ROA not before: Tue 21 Oct 2025 14:31:13 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01d:800::/37 maxlen: 37
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:e8:5b:e6:95:0b:af:0d:3e:93:0a:2b:45:73:74:3a:ca:4e:88:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:31:13 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=52d3e619a4cc2d0d4d9ac0f0407f94642c782cfd35c74089e32f492102af5390, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:19:77:ef:4e:fb:90:1f:50:62:e0:71:b6:4f:
ee:5e:3e:0a:1f:af:d3:70:ad:f2:31:5a:6d:55:49:
48:e1:ce:ed:e3:c9:15:9b:ee:8c:01:8d:69:c7:c7:
c3:ce:7a:af:6d:5b:65:70:60:e8:04:c5:f3:3b:62:
0a:53:e1:bc:97:84:58:c5:cf:8c:7c:d0:6c:0e:31:
00:80:01:03:ba:ba:7d:45:78:89:61:cd:fb:77:a2:
53:15:bc:7a:4c:92:dc:92:e1:a4:20:d1:42:3b:eb:
24:cc:4f:17:0c:76:79:70:25:34:4f:64:63:29:2b:
a9:a4:7b:d8:f0:f7:31:1d:97:a0:9e:a5:6a:6e:1b:
b0:c0:8b:d8:41:69:19:9e:f5:cd:64:91:8c:4a:3e:
0d:eb:0e:eb:f0:12:2b:46:96:e5:cc:26:76:38:dc:
e0:39:b3:d4:46:c5:20:35:22:09:ea:af:aa:4e:04:
53:82:14:5b:4d:e2:9d:24:1b:38:e1:39:d1:03:3f:
31:e9:4b:69:78:79:bc:f5:f5:00:08:a9:6a:0d:e1:
a1:ae:d8:03:b8:07:a6:4b:b4:f2:a7:43:6a:a9:46:
64:b6:b6:c0:f5:4f:e4:34:a0:23:10:b4:49:38:fb:
60:48:ee:43:7b:92:29:42:18:68:16:19:ff:b0:8a:
cb:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:21:E8:51:BE:87:5F:1E:DF:AD:A5:37:EC:A0:4B:33:39:91:F1:B8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d480b6d-25fc-4f37-b125-f45ce236f4ea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01d:800::/37
Signature Algorithm: sha256WithRSAEncryption
24:b5:fd:0d:64:ba:7d:95:94:91:ba:dd:a8:1f:7c:8c:6c:df:
fd:99:12:be:02:36:49:db:1e:ae:38:a4:1e:7d:a0:55:ce:0d:
d9:f0:15:18:1a:3a:e0:70:0f:b3:5c:f7:16:14:30:45:aa:4f:
86:3c:75:14:e0:24:ab:b5:21:59:a7:1e:20:71:36:ad:a1:85:
5e:c6:b2:4b:77:5e:8b:9a:79:7b:d5:ea:d0:7d:16:a6:3f:07:
f3:1a:c5:96:0b:5f:ac:db:c0:25:8d:5b:fa:8b:86:cc:f0:d0:
0c:cd:0b:34:99:6d:96:c2:1a:36:6f:1a:6b:c3:56:9a:06:39:
e5:67:f7:d5:7b:75:a8:58:e0:98:00:24:d2:40:10:0b:e3:11:
89:11:3d:4b:43:6d:16:9e:0c:8a:e7:25:c3:ad:a6:d8:20:12:
d3:c8:fd:ba:f1:8c:62:5d:0b:f3:99:22:1a:02:73:fd:9b:ae:
4b:2b:00:83:46:bf:01:a8:a7:35:a4:ee:48:8c:4f:23:8b:a0:
1a:39:e0:17:d8:0c:7b:aa:04:08:21:77:28:04:b9:05:f6:77:
1e:a3:dc:51:a6:7e:c2:57:37:a3:e3:70:87:f4:1c:07:f5:be:
ad:b0:96:f3:43:67:ca:9f:04:d1:6d:0d:eb:ab:33:76:58:94:
0b:dd:43:fa
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWehb5pULrw0+kworRXN0OspOiJMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDMxMTNaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDUyZDNlNjE5YTRjYzJkMGQ0ZDlhYzBmMDQwN2Y5NDY0MmM3ODJjZmQzNWM3
NDA4OWUzMmY0OTIxMDJhZjUzOTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANUZd+9O+5AfUGLgcbZP7l4+Ch+v03Ct8jFabVVJSOHO7ePJFZvujAGNacfH
w856r21bZXBg6ATF8ztiClPhvJeEWMXPjHzQbA4xAIABA7q6fUV4iWHN+3eiUxW8
ekyS3JLhpCDRQjvrJMxPFwx2eXAlNE9kYykrqaR72PD3MR2XoJ6lam4bsMCL2EFp
GZ71zWSRjEo+DesO6/ASK0aW5cwmdjjc4Dmz1EbFIDUiCeqvqk4EU4IUW03inSQb
OOE50QM/MelLaXh5vPX1AAipag3hoa7YA7gHpku08qdDaqlGZLa2wPVP5DSgIxC0
STj7YEjuQ3uSKUIYaBYZ/7CKy88CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQGIehR
vodfHt+tpTfsoEszOZHxuDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWQ0ODBiNmQtMjVmYy00ZjM3LWIxMjUtZjQ1Y2UyMzZmNGVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0B0I
MA0GCSqGSIb3DQEBCwUAA4IBAQAktf0NZLp9lZSRut2oH3yMbN/9mRK+AjZJ2x6u
OKQefaBVzg3Z8BUYGjrgcA+zXPcWFDBFqk+GPHUU4CSrtSFZpx4gcTatoYVexrJL
d16Lmnl71erQfRamPwfzGsWWC1+s28AljVv6i4bM8NAMzQs0mW2Wwho2bxprw1aa
BjnlZ/fVe3WoWOCYACTSQBAL4xGJET1LQ20WngyK5yXDrabYIBLTyP268YxiXQvz
mSIaAnP9m65LKwCDRr8BqKc1pO5IjE8ji6AaOeAX2Ax7qgQIIXcoBLkF9nceo9xR
pn7CVzej43CH9BwH9b6tsJbzQ2fKnwTRbQ3rqzN2WJQL3UP6
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:11:58 2025 by rpki-client